Thirty Years Of NSA 'Oversight' And The Only Change Is Better Snooping Technology

from the downhill-with-the-wind-at-its-back dept

Thirty years down the road from a Senate select committee investigation into the NSA and what's changed for the intelligence agency? Based on this 1983 New York Times article (via Bruce Sterling), it appears the only difference is computing power and storage capacity. The NSA began as a virtually uncontrolled entity in 1952 and the next thirty years only saw it expand its grasp.

The power of the N.S.A., whose annual budget and staff are believed to exceed those of either the F.B.I. or the C.I.A., is enhanced by its unique legal status within the Federal Government. Unlike the Agriculture Department, the Postal Service or even the C.I.A., the N.S.A. has no specific Congressional law defining its responsibilities and obligations. Instead, the agency, based at Fort George Meade, about 20 miles northeast of Washington, has operated under a series of Presidential directives. Because of Congress's failure to draft a law for the agency, because of the tremendous secrecy surrounding the N.S.A.'s work and because of the highly technical and thus thwarting character of its equipment, the N.S.A. is free to define and pursue its own goals.

Is it any wonder the agency is prone to abuse? It may claim other entities have oversight, but at this point, it's had 60 years of setting its own agenda and tactics. Concerns that the NSA's power and reach could be misused were voiced by Frank Church (of the Church Committee), whose investigation resulted in the only "oversight" the agency has had to date -- the establishment of the FISA court in 1978.

During the course of the investigation, its chairman, Senator Frank Church, repeatedly emphasized his belief that the N.S.A.'s intelligence-gathering activities were essential to the nation's security. He also stressed that the equipment used to watch the Russians could just as easily ''monitor the private communications of Americans.'' If such forces were ever turned against the country's communications system, Senator Church said, ''no American would have any privacy left. ... There would be no place to hide.''

This was a concern in 1983, well before the internet served as the main communication route for millions of Americans and long before storage capacity was measured in zettabytes. And the NSA did turn it on American citizens. Repeatedly. The article states the NSA surveilled 75,000 Americans between 1952-1974. These files were shared with the CIA, another agency supposedly charged with targeting non-Americans only. Together, the CIA and NSA developed files on over 300,000 Americans during this time frame. This program, along with a telegram-reading program that ran from 1945-1975, was illegal. Both shut down in May of 1975, when the Senate committee expressed an interest in them.

Thirty years ago, there were also concerns about the NSA's "oversight," as the agency's techniques and programs were pretty much incomprehensible to its Congressional oversight.

Several months after the hearing, the Senate intelligence committee issued a report that expressed great concern about both the N.S.A.'s activities and the failure of Congress and the Federal courts to comprehend them. ''The watch-list activities and the sophisticated capabilities that they highlight present some of the most crucial privacy issues now facing this nation,'' the committee warned. ''Space-age technology has outpaced the law. The secrecy that has surrounded much of the N.S.A.'s activities and the lack of Congressional oversight have prevented, in the past, bringing statutes in line with the N.S.A.'s capabilities. Neither the courts nor Congress have dealt with the interception of communications using the N.S.A.'s highly sensitive and complex technology.''

Over the past three decades, the NSA has had an active hand in the development of technology that aids its collection activities.

The already expansive appetite of American intelligence analysts was further sharpened by technical advances that were occurring, not entirely by chance, at the same time. The technology in question was the digital computer, the wondrous tool diligently developed by American scientists working for such companies as I.B.M., the RCA Corporation and Sperry Rand, and covertly underwritten in a major way by the N.S.A.

The article also details how the NSA first got its hooks into American telecom companies. After learning the Soviet Union was conducting "wholesale eavesdropping" on communications in four major cities, the Carter administration called for the installation of 100 "voice scramblers" for government use. The switching point for the voice encryption was handled by the NSA, something the administration didn't bother telling other agencies utilizing the service. In addition, the NSA was sent out to protect American communication from Soviet surveillance, laying the groundwork for its communication interception programs.

Telephone links in the areas where Soviet spies were known to be listening were rerouted via underground cable. To further reduce the leakage of the new category of information, the President directed the N.S.A. to approach large corporations and other institutions, collect information about their communications networks and assist them in safeguarding their material. The Carter directive sanctioning the N.S.A.'s involvement in the planning, organization and development of private communications systems not handling classified secrets was only one of several ways in which the power of the agency grew.

The agency has also guided developments in cryptography for more than three decades, beginning with a 1978 gag order issued to George Davida to prevent him from revealing details on his invention, a computer security device utilizing a stream cipher. A rare public speech addressing communication security given by NSA director Bobby Ray Inman in 1979 saw him calling for an "open dialogue" between intelligence agencies and the academic world. This bizarrely resulted in many institutes of higher learning applying voluntary "prior restraint" to cryptographic research.

The result of this dialogue so far has been the recommendation by a special committee of the American Council on Education, a prestigious organization of over 1,400 colleges and universities, that all researchers engaged in cryptographic research submit their work to the N.S.A. before publication.

In addition to this prior restraint on cryptographic inventions and research, the NSA further insinuated itself into the development process.

Today, the National Science Foundation routinely allows the N.S.A. to review any request for the funding of cryptographic research. The N.S.A. also has begun providing financial support for related unclassified civilian research.

We're at the point now where the NSA has 30+ years of "intercepting" cryptographic research, which gives it a head start when it comes to decrypting collected communication. Of course, the encryption method doesn't really matter if the NSA has already inserted itself into the communication stream at the pre-encryption point. And if it hasn't, it will just hold the data until it can crack it.

The NSA has been in operation for over 60 years and its history shows it's always been prone to abuse, thanks to a minimum of oversight and a nearly impenetrable cloak of secrecy. Only now, six decades later, is it finally being forced to deal with the repercussions of its actions. But what's happening now is far too little way too late, thanks to a very compliant administration and two fawning intelligence committees.

The only thing the last thirty years has brought the NSA is better, faster tools and techniques. And the efforts to rein in the agency haven't kept pace.

Re:

Why would they care?

They are a spy agency, which means that they have the government by the balls. The moment any one person tries to interfere, news of their sex/money/yougetthepicture scandals gets leaked to the news by "an anonymous source".

If you want an interesting real-world example of the NSA sticking their nose into private cryptography, read the story of Heimdall Kerberos (forked from MIT Kerberos way back when). Its a great example of even when they REALLY put their feet down on security technology it has a way of getting away from them (sometimes printed and carried over borders).

Re:

The problem is that they're accustomed to no one asking them any questions, or the only ones asking questions being people they don't have to answer. When someone that they do have to answer like Congress starts asking questions, they flounder around because they don't have any practice at lying, or at coming up with real justifications.

You left out the 90's when NSA / DARPA funded university research...

That soon enough led to two college boys "inventing" an algorithm, then these two unknowns somehow got billions in funding for the necessary huge server farms which are the only practical instantion -- you can't duplicate it in your garage despite what politicians believe.

Of course I don't have proof because if true it's been obscured due to "national security". But its invention and founding can't be easily explained without gov't support, nor even if were "private" can gov't ignore such a huge trove of data, so it's definitely now part of the security state.When you think surveillance or spying or snooping, think Google!The phony deal that evil people (and gullible fools) try to force on us: You can't have the benefits of technology unless give up all privacy.

Re: You left out the 90's when NSA / DARPA funded university research...

You don't have proof because there isn't any. And their founding happens to be easily explain because it happened just like many other tech companies. Out of a garage, or dorm, or house just like many other large name companies. Theirs was out of a friends Garage. After that, they got funding just like many other startups. While I agree that they are of sifting through all data I trust Google far more then I will ever trust the government. Reason is Google is out to get a sale vs. Government is out to fabricate evidence in their favor. I still keep my Google usage minimal as I find it annoying but the government keeps me paranoid of using the internet at all.

Their base algorithm is pretty straightforward graph theory with a few tweaks, hardly anything the NSA or DARPA couldn't come up with themselves (remember, the NSA has some of the world's top mathematicians on payroll).

Also, do note that these college students weren't your typical broke college students. They came from relatively wealthy families and a pretty economically stable background. Starting Google in their garage is something that they could just afford to do.

The eventual growth of Google is just a function of their massive success. There's nothing mystical about it.

This isn't to say that they aren't evil...they are. But why live in a fantasy world when reality is much, much more straightforward and simple?

You cant handle the truth!

Watch the hit video: "Spies Gone Wild"

Coming soon, the uncensored video, "Spies Gone Wild," with NSA spies dressed in black and hi-fiving each other as they crowd around a monitor going gaga watching Lady Gaga on her bedroom laptop webcam. Or Kate Upton. Or Sarah Palin. Or... does it matter? It may even be you.

As other commenters have said, after 30 years it's not going to stop. We've got to take matters into our own hands. Use Tails & TOR for browsing, Textcrypt for text messages and Cellcrypt for mobile phone calls. Then, take everything off of Dropbox, Instagram, iCloud, etc, and stash it all in a Cloudlocker (www.cloudlocker.it) which works just the same but stays in the house where they still need a warrant to get inside.

What a shame that it's come to this. We need to protect us from the people supposed to protect us.

Crypto progress makes NSA's life difficult

> And if it hasn't, it will just hold the data until
> it can crack it.

Unfortunately for the NSA, most modern ciphers are secure enough that it is unlikely that this kind of waiting is worthwhile. The only justification is that they might be able to later hack into an active suspect's computer(s) in order to discover the encryption key (or possibly use a side-channel attack like TEMPEST).

As long as the NSA can control the ability of legislators to speak out by saying "it's classified", it will continue to gain power. The whole concept of this assault on freedoms is just ridiculous - a democracy's elected representatives are expected to follow a government agency's instructions. Even their staff can't see some things!